initial commit 2

author: stephanchrst <stephanchrst@gmail.com> 2022-05-10 21:51:50 +0700
committer: stephanchrst <stephanchrst@gmail.com> 2022-05-10 21:51:50 +0700
commit: 3751379f1e9a4c215fb6eb898b4ccc67659b9ace (patch)
tree: a44932296ef4a9b71d5f010906253d8c53727726 /addons/project/security
parent: 0a15094050bfde69a06d6eff798e9a8ddf2b8c21 (diff)
2 files changed, 145 insertions, 0 deletions
diff --git a/addons/project/security/ir.model.access.csv b/addons/project/security/ir.model.access.csv
new file mode 100644
index 00000000..e4538dbe
--- /dev/null
+++ b/addons/project/security/ir.model.access.csv
@@ -0,0 +1,27 @@
+id,name,model_id:id,group_id:id,perm_read,perm_write,perm_create,perm_unlink
+access_project_project,project.project,model_project_project,project.group_project_user,1,0,0,0
+access_project_project_manager,project.project,model_project_project,project.group_project_manager,1,1,1,1
+access_project_task_type_user,project.task.type.user,model_project_task_type,base.group_user,1,0,0,0
+access_project_task_type_project_user,project.task.type.project.user,model_project_task_type,project.group_project_user,1,0,0,0
+access_project_task_type_manager,project.task.type manager,model_project_task_type,project.group_project_manager,1,1,1,1
+access_project_task_type_portal,task_type_portal,project.model_project_task_type,base.group_portal,1,0,0,0
+access_project_task,project.task,model_project_task,project.group_project_user,1,1,1,1
+access_report_project_task_user,report.project.task.user,model_report_project_task_user,project.group_project_manager,1,1,1,1
+access_partner_task_user,base.res.partner user,base.model_res_partner,project.group_project_user,1,0,0,0
+access_task_on_partner,project.task on partners,model_project_task,base.group_user,1,0,0,0
+access_task_portal,task_portal,project.model_project_task,base.group_portal,1,0,0,0
+access_project_user,project.project on partners,model_project_project,base.group_user,1,0,0,0
+access_project_portal,project_portal,project.model_project_project,base.group_portal,1,0,0,0
+access_resource_calendar,project.resource_calendar user,resource.model_resource_calendar,project.group_project_user,1,0,0,0
+access_resource_calendar_attendance,project.resource_calendar_attendance user,resource.model_resource_calendar_attendance,project.group_project_user,1,0,0,0
+access_resource_calendar_leaves_user,resource.calendar.leaves user,resource.model_resource_calendar_leaves,project.group_project_user,1,1,1,1
+access_project_tags_all,project.project_tags_all,model_project_tags,,1,0,0,0
+access_project_tags_manager,project.project_tags_manager,model_project_tags,project.group_project_manager,1,1,1,1
+access_project_tags_portal,project_tags_portal,project.model_project_tags,base.group_portal,1,0,0,0
+access_mail_activity_type_project_manager,mail.activity.type.project.manager,mail.model_mail_activity_type,project.group_project_manager,1,1,1,1
+access_account_analytic_account_user,account.analytic.account,analytic.model_account_analytic_account,project.group_project_user,1,0,0,0
+access_account_analytic_account_manager,account.analytic.account,analytic.model_account_analytic_account,project.group_project_manager,1,1,1,1
+access_account_analytic_line_project,account.analytic.line project,analytic.model_account_analytic_line,project.group_project_manager,1,1,1,1
+access_project_delete_wizard,access_project_delete_wizard,model_project_delete_wizard,project.group_project_manager,1,1,1,1
+access_project_task_type_delete_wizard,project.task.type.delete.wizard,model_project_task_type_delete_wizard,project.group_project_manager,1,1,1,1
+access_project_task_recurrence,project.task.recurrence,model_project_task_recurrence,project.group_project_user,1,1,1,1
diff --git a/addons/project/security/project_security.xml b/addons/project/security/project_security.xml
new file mode 100644
index 00000000..befca629
--- /dev/null
+++ b/addons/project/security/project_security.xml
@@ -0,0 +1,118 @@
+<?xml version="1.0" encoding="utf-8"?>
+<odoo>
+
+    <record id="base.module_category_services_project" model="ir.module.category">
+        <field name="description">Helps you manage your projects and tasks by tracking them, generating plannings, etc...</field>
+        <field name="sequence">3</field>
+    </record>
+
+    <record id="group_project_user" model="res.groups">
+        <field name="name">User</field>
+        <field name="implied_ids" eval="[(4, ref('base.group_user'))]"/>
+        <field name="category_id" ref="base.module_category_services_project"/>
+    </record>
+
+    <record id="group_project_manager" model="res.groups">
+        <field name="name">Administrator</field>
+        <field name="category_id" ref="base.module_category_services_project"/>
+        <field name="implied_ids" eval="[(4, ref('group_project_user'))]"/>
+        <field name="users" eval="[(4, ref('base.user_root')), (4, ref('base.user_admin'))]"/>
+    </record>
+
+    <record id="group_subtask_project" model="res.groups">
+        <field name="name">Use Subtasks</field>
+        <field name="category_id" ref="base.module_category_hidden"/>
+    </record>
+
+    <record id="group_project_rating" model="res.groups">
+        <field name="name">Use Rating on Project</field>
+        <field name="category_id" ref="base.module_category_hidden"/>
+    </record>
+
+    <record id="group_project_recurring_tasks" model="res.groups">
+        <field name="name">Use Recurring Tasks</field>
+        <field name="category_id" ref="base.module_category_hidden"/>
+    </record>
+
+<data noupdate="1">
+    <record id="base.default_user" model="res.users">
+        <field name="groups_id" eval="[(4,ref('project.group_project_manager'))]"/>
+    </record>
+
+    <record model="ir.rule" id="project_comp_rule">
+        <field name="name">Project: multi-company</field>
+        <field name="model_id" ref="model_project_project"/>
+        <field name="domain_force">[('company_id', 'in', company_ids)]</field>
+    </record>
+
+    <record model="ir.rule" id="project_project_manager_rule">
+        <field name="name">Project: project manager: see all</field>
+        <field name="model_id" ref="model_project_project"/>
+        <field name="domain_force">[(1, '=', 1)]</field>
+        <field name="groups" eval="[(4,ref('project.group_project_manager'))]"/>
+    </record>
+
+    <record model="ir.rule" id="project_public_members_rule">
+        <field name="name">Project: Only invited users</field>
+        <field name="model_id" ref="model_project_project"/>
+        <field name="domain_force">[
+        '|',
+            ('privacy_visibility', '!=', 'followers'),
+            ('allowed_internal_user_ids', 'in', user.ids),
+        ]</field>
+        <field name="groups" eval="[(4, ref('base.group_user'))]"/>
+    </record>
+
+    <record model="ir.rule" id="task_comp_rule">
+        <field name="name">Project/Task: multi-company</field>
+        <field name="model_id" ref="model_project_task"/>
+        <field name="domain_force">[('company_id', 'in', company_ids)]</field>
+    </record>
+
+    <record model="ir.rule" id="task_visibility_rule">
+        <field name="name">Project/Task: employees: follow required for follower-only projects</field>
+        <field name="model_id" ref="model_project_task"/>
+        <field name="domain_force">[
+        '|',
+            ('project_id.privacy_visibility', '!=', 'followers'),
+            ('allowed_user_ids', 'in', user.ids),
+        ]</field>
+        <field name="groups" eval="[(4,ref('base.group_user'))]"/>
+    </record>
+
+    <record model="ir.rule" id="project_manager_all_project_tasks_rule">
+        <field name="name">Project/Task: project manager: see all</field>
+        <field name="model_id" ref="model_project_task"/>
+        <field name="domain_force">[(1, '=', 1)]</field>
+        <field name="groups" eval="[(4,ref('project.group_project_manager'))]"/>
+    </record>
+
+    <record model="ir.rule" id="report_project_task_user_report_comp_rule">
+        <field name="name">Task Analysis multi-company</field>
+        <field name="model_id" ref="model_report_project_task_user"/>
+        <field name="domain_force">[('company_id', 'in', company_ids)]</field>
+    </record>
+
+     <!-- Portal -->
+    <record id="project_project_rule_portal" model="ir.rule">
+        <field name="name">Project: portal users: portal and following</field>
+        <field name="model_id" ref="project.model_project_project"/>
+        <field name="domain_force">[
+            ('privacy_visibility', '=', 'portal'),
+            ('allowed_portal_user_ids', 'in', user.ids),
+        ]</field>
+        <field name="groups" eval="[(4, ref('base.group_portal'))]"/>
+    </record>
+
+    <record id="project_task_rule_portal" model="ir.rule">
+        <field name="name">Project/Task: portal users: (portal and following project) or (portal and following task)</field>
+        <field name="model_id" ref="project.model_project_task"/>
+        <field name="domain_force">[
+            ('project_id.privacy_visibility', '=', 'portal'),
+            ('allowed_user_ids', 'in', user.ids),
+        ]</field>
+        <field name="groups" eval="[(4, ref('base.group_portal'))]"/>
+    </record>
+
+</data>
+</odoo>
author	stephanchrst <stephanchrst@gmail.com>	2022-05-10 21:51:50 +0700
committer	stephanchrst <stephanchrst@gmail.com>	2022-05-10 21:51:50 +0700
commit	3751379f1e9a4c215fb6eb898b4ccc67659b9ace (patch)
tree	a44932296ef4a9b71d5f010906253d8c53727726 /addons/project/security
parent	0a15094050bfde69a06d6eff798e9a8ddf2b8c21 (diff)